/* remove fs privilege for non-root user */
if (ucred->mu_fsuid)
- ucred->mu_cap = pud->pud_cap & ~CAP_FS_MASK;
+ ucred->mu_cap = pud->pud_cap & ~CFS_CAP_FS_MASK;
else
ucred->mu_cap = pud->pud_cap;
ucred->mu_valid = UCRED_NEW;
/* remove fs privilege for non-root user */
if (uc->mu_fsuid)
- uc->mu_cap = body->capability & ~CAP_FS_MASK;
+ uc->mu_cap = body->capability & ~CFS_CAP_FS_MASK;
else
uc->mu_cap = body->capability;
uc->mu_valid = UCRED_OLD;
/* remove fs privilege for non-root user */
if (uc->mu_fsuid)
- uc->mu_cap &= ~CAP_FS_MASK;
+ uc->mu_cap &= ~CFS_CAP_FS_MASK;
uc->mu_valid = UCRED_OLD;
RETURN(0);
if (in & MDS_OPEN_OWNEROVERRIDE)
ma->ma_attr_flags |= MDS_OPEN_OWNEROVERRIDE;
+ if (in & (ATTR_KILL_SUID|ATTR_KILL_SGID))
+ ma->ma_attr_flags |= MDS_PERM_BYPASS;
+
/*XXX need ATTR_RAW?*/
in &= ~(ATTR_MODE|ATTR_UID|ATTR_GID|ATTR_SIZE|ATTR_BLOCKS|
ATTR_ATIME|ATTR_MTIME|ATTR_CTIME|ATTR_FROM_OPEN|